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Amendments to the Claims 

Upon entry of this amendment, the following listing of claims will replace all prior 
versions and listings of claims in the pending application. 

IN THE CLAIMS 

Please amend claims 1 5 4-8, 1 1-13, 16, 20, 22-33, 35 and 36, cancel claims 2, 3, 14, 16, 
19, 21 and 34, and add new claims 37-96 as follows: 

1 . (Currently Amended) A method for establishing a secure communication channel 
between a client and an application server comprising the steps of: 

(a) receiving, at a web server, a request from a client to have an application program 
executed on an application server and to have output from said application program executing on 
said application server transmitted to said client; 

(b) generating^ by a ticket servicei a ticket having an identifier and a session key; 

(c) obtaining , by said web server, said ticket from said ticket service; 

£d} transmittin g, by said web server, said ticket to a -said client over a secure 
communication channel; 

(e) transmitting , by said client, said identifier ef from said ticket by said cli e nt to aft 
said application server ov e r an application communication chann e l ; 

ff) obtainingi by said application server^ a copy of said session key of said tick e t 
from said ticket service using said identifier ; and 

£g) establishing an application communication channel between said client and said 
application server; 
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fly) executing, by said application server, said application program identified in said 
request; 

(i) transmitting, by said application server, output of said application program over 
said application communication channel via a remote display protocol; and 

(]} encrypting said output communicated communications b e tw ee n to said client aad 
said application serv e r over said application communication channel using said session key te 
e stablish said application communication chann e l as a s e cure communication chann e l . 

2. (Canceled). 

3. (Canceled). 

4. (Currently Amended) The method of claim 2 I wherein said ticket service resides on said 
web server. 

5. (Currently Amended) The method of claim 2 I wherein step (f) further comprises 
comprising transmitting^ by said application server said identifier to said web server over a 
server communication channel. 

6. (Currently Amended) The method of claim 5 further comprising receiving^by said 
application server^ said a response to transmitting said identifier to said web server , said response 
including said session key . 

7. (Currently Amended) The method of claim 5 further comprising validating , by said web 
server, said identifier transmitt e d by said application s e rv e r . 

8. (Currently Amended) The method of claim 7 wherein said validating step further 
comprises confirming by said web server that said identifier is received by said web server 
within a predetermined c e rtain t ime frame r e lativ e to a time that said id e ntifi e r was transmitt e d 
by said w e b s e rv e r to said client . 
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9. 



(Original) The method of claim 1 wherein said session key is substantially equivalent to a 



null value. 

10. (Original) The method of claim 9 wherein said null value is a constant value. 

1 1 . (Currently Amended) The method of claim 9- 5 wh e r e in further comprising establishing 
said application server communication channel as a secure communication channel. 

12. (Currently Amended) A method for establishing a secure communication channel 
between a client and an application server comprising the steps of: 

(a) transmitting to a web server a request to have an application server execute an 
a pplication program and transmit output from said application program executing on said 
a pplication server; 

(b) establishing a secure web communication channel between a web browser 
executing on said client and a said web server; 

(c) receiving a ticket having an identifier and a session key from said web server over 
said secure web communication channel; aad 

(d) establishing an application communication channel with said application server 
over said application communication channel; 

(e) transmitting said identifier ef from said ticket to said application server over an 
application communication channel to provide said application server with information for 
obtaining a copy of said session keyr; 

(f) receiving output of said application program, identified in said request, from said 
a pplication server over said application communication channel via a remote display protocol; 
and 

(g) decrypting said output using said session key . 
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13. (Currently Amended) A method for establishing a secure communication channel 
between a client and an application server comprising the steps of: 

(a) receiving a request from a web server to execute an application program on behalf 
of a client and transmit to said client output from said application program executing on said 
application server; 

(b) receiving an identifier from said client; 

(c) receiving obtaining from said web server a copy of a t ick e t having an id e ntifi e r 
and a session key associated with said identifier over a s e cure w e b communication chann e l ; 

transmitting from said id e ntifi e r of from said tick e t to said application s e rv e r ov e r an 
application communication chann e l to provid e said application s e rv e r with information 
for obtaining a copy of said s e ssion k e y; and 

£d) establishing an application communication channel with said client; 

(e) executing said application program identified in said request; 

(f) transmitting output of said executing application program over said application 
communication channel via a remote display protocol; and 

£g} encrypting and d e crypting communications said output transmitt e d to and 
r e c e ived from said application serv e r ov e r said application communication chann e l using said 
session key rec e iv e d ov e r said secur e w e b communication chann e l to e stablish said application 
communication chann e l as a secur e communication chann e l . 

14. (Canceled). 

15. (Currently Amended) The method of claim 1 3 wherein said id e ntifi e r is step (b) 
comprises receiving a nonce from said client . 

16. (Canceled). 
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17. (Original) The method of claim 13 wherein said ticket is generated by a ticket service. 

18. (Original) The method of claim 13 wherein said identifier is an application server 
certificate. 

19. (Canceled). 

20. (Currently Amended) The method of claim 1 3 wherein step (b) further comprises 
comprising transmitting receiving a password te from said client application s e rv e r . 

21. (Canceled). 

22. (Currently Amended) A communications system for establishing a secure 
communication channel between a client and an application server comprising: 

a ticket service generating a ticket associated with a client, said ticket having an identifier 
and a session key; 

a communications device web server in communication with said ticket servicei t o obtain 
said tick e t from said tick e t s e rvic e ; 

said web server receiving a request from said client to have an application program 
executed on an application server, obtaining said ticket from said ticket service, and transmitting 
said ticket to said client over a secure communication channel; 

a said client transmitting said identifier from said ticket to said application server m 
communication with said communications devic e ov e r a secure communication chann e l to 
r e c e iv e said ticket from said communications device over said s e cure communication chann e l ; 

uiiu 

said application server obtaining a copy of said session key from said ticket service using 
said identifier; an application server in communication with said client ov e r an application 
communication chann e l to r e ceive said identifi e r of said ticket from said cli e nt and in 
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communication with said ticket servic e to obtain a copy of said s e ssion key from said tiokot 
servic e , said application serv e r and said cli e nt e xchanging communications ov e r said application 
communication chann e l e ncrypted using said s e ssion k e y to establish said application 
communication chann e l as a secure communication chann e l. 

said client and said application server establishing an application communication channel, 
said application server executing said application program identified in said request and 
transmitting output from said executing application program over said application 
communication channel via a remote display protocol; and 

said client and said application server encrypting communications using said session key. 

23. (Currently Amended) The system of claim 22 wherein said ticket service resides on said 
communications d e vic e web server . 

24. (Currently Amended) The system of claim 33- 22 further comprising said application 
server transmitting said identifier to said communications d e vic e web server over a server 
communication channel. 

25. (Currently Amended) The system of claim 24 further comprising said application server 
requesting a copy of said session key in response to receiving said identifier from said client. 

26. (Currently Amended) The system of claim 25 further comprising said communications 
d e vic e web server validating said identifier transmitted by said application serv e r . 

27. (Currently Amended) The system of claim 26 wherein said communications d e vic e web 
server validates validating furth e r comprises said communications d e vic e confirming that said 
id e ntifier said identifier has not been previously received from transmitt e d by said application 
server. 
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28. (Currently Amended) The system of claim 26 wherein said communications d e vice web 
server validates validating furth e r compris e s said communications devic e confirming that said 
identifier when said identifier is received by said communications d e vice web server within a 
c e rtain predetermined time frame r e lativ e to a tim e that said identifier was transmitt e d by said 
communications d e vico - to said cli e nt . 

29. (Currently Amended) The system of claim 27 further comprising said communications 
deviee web server transmitting said session key to said application server over said server 
communication channel in r e spons e to said id e ntifi e r . 

30. (Currently Amended) The system of claim 27 24 wherein said server communication 
channel is a secure communication channel. 

3 1 . (Currently Amended) The system of claim 25 further comprising said communications 
devic e web server transmitting additional information to said application server over said server 
communication channel. 

32. (Currently Amended) The system of claim 3 1 wherein said additional tick e t information 
furth e r comprises login information of a user of said client. 

33. (Currently Amended) The system of claim 32 wherein said additional tick e t information 
furth e r comprises a name of a software application executing on said application server. 

34. (Canceled). 

35. (Currently Amended) The method system of claim 22 further comprising said client 
transmitting a password of a us e r operating said cli e nt to said application server. 

36. (Currently Amended) The m e thod system of claim 22 further comprising said ticket 
service transmitting information corresponding to at least one of said client and a user operating 
said client to said application server. 
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37. (New) A communications system for establishing a secure communication channel 
between a client and an application server comprising: 

a web browser on a client establishing a secure web communication channel with a web 
server, said web browser: transmitting to said web server a request to have an application server 
execute an application program and transmit to said client output of said application program 
executing on said application server; receiving a ticket associated with said client from said web 
server, said ticket having an identifier and a session key; and transmitting said identifier from 
said ticket to said application server; and 

an application client on said client establishing an application communication channel 
with said application server, said application client receiving output of said application program, 
identified in said request, executing on said application server, over said application 
communication channel via a remote display protocol and decrypting said output using said 
session key. 

38. (New) The system of claim 37 wherein said web browser receives additional information 
from said web server over said secure web communication channel. 

39. (New) The system of claim 38 wherein said additional information further comprises an 
address of said application server. 

40. (New) The system of claim 37 wherein said application client transmits a password of a 
user operating said client to said application server. 

41 . (New) The system of claim 37 wherein said identifier is an application server certificate. 

42. (New) The system of claim 37 wherein said web browser uses secure socket layer 
technology to establish said secure web communication channel. 

43. (New) The system of claim 37 wherein said identifier is a nonce. 
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44. (New) The system of claim 37 wherein said session key is substantially equivalent to a 
null value. 

45. (New) The system of claim 37 wherein said null value is a constant value. 

46. (New) A communications system for establishing a secure communication channel 
between a client and an application server comprising: 

a ticket service generating a ticket associated with a client, said ticket having an identifier 
and a session key; 

a web server in communication with said ticket service, said web server receiving a 
request from said client to have an application program executed on said client's behalf and to 
have output of said application program transmitted to said client, said web server transmitting 
said ticket to said client over a secure web communication channel; 

an application server receiving said identifier from said ticket from said client, obtaining 
a copy of said session key from said web server, establishing an application communication 
channel with said client, executing said application program, transmitting output from said 
application program identified in said request to said client over said application communication 
channel via a remote display protocol, and encrypting said output using said session key. 

47. (New) The system of claim 46 wherein said ticket service resides on said web server. 

48. (New) The system of claim 46 wherein said application server obtains a copy of said 
session key from said web server in response to receiving said identifier from said client. 

49. (New) The system of claim 46 wherein said web server validates said identifier. 

50. (New) The system of claim 49 wherein said web server validates said identifier has not 
been previously received from said application server. 
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51. (New) The system of claim 49 wherein said web server validates said identifier is 
received by said web server within a predetermined time frame. 

52. (New) The system of claim 49 wherein said web server transmits said session key to said 
application server over a server communication channel in response to receiving said identifier 
from said application server. 

53. (New) The system of claim 52 wherein said server communication channel is a secure 
communication channel. 

54. (New) The system of claim 52 wherein said web server transmits additional information 
to said application server over said server communication channel. 

55. (New) The system of claim 54 wherein said additional ticket information further 
comprises login information of a user of said client. 

56. (New) The system of claim 54 wherein said additional ticket information further 
comprises a name of a software application executing on said application server. 

57. (New) The system of claim 49 wherein said client transmits a password of a user 
operating said client to said application server. 

58. (New) The system of claim 49 wherein said ticket service transmits information 
corresponding to at least one of said client and a user operating said client to said application 
server. 

59. (New) The system of claim 49 wherein said identifier is an application server certificate. 

60. (New) The system of claim 49 wherein said identifier is a nonce. 

61. (New) The system of claim 49 wherein said session key is substantially equivalent to a 
null value. 

62. (New) The system of claim 49 wherein said null value is a constant value. 
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63. (New) The system of claim 49 wherein said secure web communication channel is 
established using secure socket layer technology. 

64. (New) The method of claim 12 wherein said ticket is generated by a ticket service. 

65. (New) The method of claim 64 wherein said ticket service resides on said web server. 

66. (New) The method of claim 12 wherein said identifier is an application server certificate. 

67. (New) The method of claim 12 wherein step (b) further comprises using secure socket 
layer technology to establish said secure web communication channel. 

68. (New) The method of claim 12 wherein step (e) further comprises transmitting a 
password to said application server. 

69. (New) The method of claim 12 wherein said session key is substantially equivalent to a 
null value. 

70. (New) The method of claim 12 wherein said session key is substantially equivalent to a 
null value. 

71 . (New) The method of claim 13 wherein said ticket is generated by a ticket service. 

72. (New) The method of claim 13 wherein said ticket service resides on said web server. 

73. (New) The method of claim 13 wherein step (c) further comprises transmitting by said 
application server said identifier to said web server over a server communication channel. 

74. (New) The method of claim 71 wherein said application server receives a response to 
transmitting said identifier to said web server, said response including said session key. 

75. (New) The method of claim 71 wherein said web server validates said identifier. 

76. (New) The method of claim 72 wherein said web server validates said identifier is 
received by said web server within a predetermined time frame. 

77. (New) The method of claim 13 wherein said identifier is an application server certificate. 
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78. (New) The method of claim 13 wherein said session key is substantially equivalent to a 
null value. 

79. (New) The method of claim 13 wherein said null value is a constant value. 

80. (New) The method of claim 1 wherein said identifier is a nonce. 

81 . (New) The method of claim 1 wherein said identifier is an application server certificate. 

82. (New) The method of claim 1 wherein step (j) further comprises decrypting 
communications from said application server using said session key. 

83. (New) The method of claim 1 wherein said remote display protocol is the Independent 
Computing Architecture protocol. 

84. (New) The method of claim 1 wherein said remote display protocol is the Remote 
Display Protocol. 

85. (New) The method of claim 12 wherein step (g) further comprises encrypting 
communications to said application server. 

86. (New) The method of claim 12 wherein said remote display protocol is the Independent 
Computing Architecture protocol. 

87. (New) The method of claim 12 wherein said remote display protocol is the Remote 
Display Protocol. 

88. (New) The method of claim 13 wherein step (g) further comprises decrypting 
communications from said client. 

89. (New) The method of claim 1 3 wherein said remote display protocol is the Independent 
Computing Architecture protocol. 

90. (New) The method of claim 13 wherein said remote display protocol is the Remote 
Display protocol. 
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91 . (New) The system of claim 37 wherein said remote display protocol is the Independent 
Computing Architecture protocol. 

92. (New) The system of claim 37 wherein said remote display protocol is the Remote 
Display Protocol. 

93. (New) The system of claim 37 wherein said client encrypts communications to said 
application server using said session key. 

94. (New) The system of claim 46 wherein said remote display protocol is the Independent 
Computing Architecture protocol. 

95. (New) The system of claim 46 wherein said remote display protocol is the Remote 
Display Protocol. 

96. (New) The system of claim 46 wherein said application server decrypts communications 
from said client using said session key. 
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